diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0579dc4833a697520001b6befab794dbf6dce2d5..46157a0218e440837f94ed7aea2a42243c477ed3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [7.3.2](https://gitlab.com/to-be-continuous/python/compare/7.3.1...7.3.2) (2024-11-02)
+
+
+### Bug Fixes
+
+* limit security reports access to developer role or higher ([40c85ef](https://gitlab.com/to-be-continuous/python/commit/40c85eff562a00ceb9b381ef72472ce1910b97ab))
+
 ## [7.3.1](https://gitlab.com/to-be-continuous/python/compare/7.3.0...7.3.1) (2024-10-25)
 
 
diff --git a/README.md b/README.md
index 2de10dc1040579b0cb671df31576f987d8c66c9c..4af1d8947a2f63272c82dc6af2ecc428092284fb 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Add the following to your `.gitlab-ci.yml`:
 ```yaml
 include:
   # 1: include the component
-  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
     # 2: set/override component inputs
     inputs:
       image: registry.hub.docker.com/library/python:3.12-slim
@@ -29,7 +29,7 @@ Add the following to your `.gitlab-ci.yml`:
 include:
   # 1: include the template
   - project: 'to-be-continuous/python'
-    ref: '7.3.1'
+    ref: '7.3.2'
     file: '/templates/gitlab-ci-python.yml'
 
 variables:
@@ -521,9 +521,9 @@ With:
 ```yaml
 include:
   # main component
-  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
   # Vault variant
-  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.1
+  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-vault@7.3.2
     inputs:
       vault-base-url: "https://vault.acme.host/v1"
       # audience claim for JWT
@@ -563,13 +563,13 @@ The variant requires the additional configuration parameters:
 
 ```yaml
 include:
-  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.1
+  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@7.3.2
     # 2: set/override component inputs
     inputs:
       image: registry.hub.docker.com/library/python:3.12-slim
       pytest-enabled: true
 
-  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.1
+  - component: $CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python-gcp@7.3.2
     inputs:
       # common OIDC config for non-prod envs
       gcp-oidc-provider: "projects/<gcp_nonprod_proj_id>/locations/global/workloadIdentityPools/<pool_id>/providers/<provider_id>"
diff --git a/templates/gitlab-ci-python-gcp.yml b/templates/gitlab-ci-python-gcp.yml
index e22511b060a2a11c904cd54e23f62b1961a36245..43d02cb25653f0cf490b26cfc60a0c6f2db4215c 100644
--- a/templates/gitlab-ci-python-gcp.yml
+++ b/templates/gitlab-ci-python-gcp.yml
@@ -44,7 +44,7 @@ variables:
   image: $PYTHON_IMAGE
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "python", "7.3.1"]
+      command: ["--service", "python", "7.3.2"]
   variables:
     GCP_JWT: $GCP_JWT
   before_script:
diff --git a/templates/gitlab-ci-python-vault.yml b/templates/gitlab-ci-python-vault.yml
index 81e875625d168fc5da7240ae9a75fa58a0843110..29148e74dafd7b350731d62f8f99bbf0bf3559c2 100644
--- a/templates/gitlab-ci-python-vault.yml
+++ b/templates/gitlab-ci-python-vault.yml
@@ -22,7 +22,7 @@ variables:
 .python-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "python", "7.3.1"]
+      command: ["--service", "python", "7.3.2"]
     - name: "$TBC_VAULT_IMAGE"
       alias: "vault-secrets-provider"
   variables:
diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml
index 93dad4ebfe471977c8203d6fe537fc169512bc2c..fad409612f7aeb2296f66d565cffc42ad04c6b34 100644
--- a/templates/gitlab-ci-python.yml
+++ b/templates/gitlab-ci-python.yml
@@ -960,7 +960,7 @@ stages:
   image: $PYTHON_IMAGE
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "python", "7.3.1"]
+      command: ["--service", "python", "7.3.2"]
   variables:
     # set local cache dir; most Python tools honour XDG specs
     XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache"